Scanning 2D barcodes, finding free Wi-Fi access points, sending SMS messages, listening to music, and watching MP4 videos: these are very common activities that we do using our smartphones.
Can you imagine that simply doing these things can get your smarphones infected with "worms" that can not only steal personal information from your phone, but also infect your friends's phones.
Sound scary? It will not be long before worms like this spread among smartphones. What makes the attacks feasible is an emerging technology called HTML5-based app development, and it has been rapidly gaining popularity in the mobile industry.
When the adoption of this technology reaches certain threshold, attacks like this will become quite common, unless we do something to stop it. A recent Gartner report says that by 2016, fifty percent of the mobile apps will be using HTML5-based technologies.
All major mobile systems will be affected, including Android, iOS, Blackberry, Windows Phone, etc., because they all support HTML5-based mobile apps.
A notorious problem of the HTML5-based technology is that malicious code can be easily injected into the program and get executed. That is why the Cross-Site Scripting (XSS) attack is still one of the most common attacks in the Web.
XSS attacks can only target at web applications through a single channel (i.e. the Internet), but with the adoption of the same technology in mobile devices, we have found out that a similar type of attack can not only be launched against mobile apps, it can attack from many channels, including 2D barcode, Wi-Fi scanning, Bluetooth pairing, MP3 songs, MP4 videos, SMS messages, NFC tags, Contact list, etc. As long as an HTML5-based app displays information obtained from outside or from anohter app, it may be a potential victim.
Chris Hittinger | EurekAlert!
Computing at the Speed of Light
22.05.2015 | University of Utah
NOAA's GOES-R satellite begins environmental testing
22.05.2015 | NASA/Goddard Space Flight Center
Physicists have developed an innovative method that could enable the efficient use of nanocomponents in electronic circuits. To achieve this, they have developed a layout in which a nanocomponent is connected to two electrical conductors, which uncouple the electrical signal in a highly efficient manner. The scientists at the Department of Physics and the Swiss Nanoscience Institute at the University of Basel have published their results in the scientific journal “Nature Communications” together with their colleagues from ETH Zurich.
Electronic components are becoming smaller and smaller. Components measuring just a few nanometers – the size of around ten atoms – are already being produced...
Development and implementation of an advanced automobile parking navigation platform for parking services
To fulfill the requirements of the industry, PolyU researchers developed the Advanced Automobile Parking Navigation Platform, which includes smart devices,...
The world's first electrical car and passenger ferry powered by batteries has entered service in Norway. The ferry only uses 150 kWh per route, which...
On Tuesday, 19 May 2015 the research icebreaker Polarstern will leave its home port in Bremerhaven, setting a course for the Arctic. Led by Dr Ilka Peeken from the Alfred Wegener Institute, Helmholtz Centre for Polar and Marine Research (AWI) a team of 53 researchers from 11 countries will investigate the effects of climate change in the Arctic, from the surface ice floes down to the seafloor.
RV Polarstern will enter the sea-ice zone north of Spitsbergen. Covering two shallow regions on their way to deeper waters, the scientists on board will focus...
Nanoengineers at the University of California, San Diego developed a gel filled with toxin-absorbing nanosponges that could lead to an effective treatment for skin and wound infections caused by MRSA (methicillin-resistant Staphylococcus aureus), an antibiotic-resistant bacteria. This "nanosponge-hydrogel" minimized the growth of skin lesions on mice infected with MRSA - without the use of antibiotics. The researchers recently published their findings online in Advanced Materials.
To make the nanosponge-hydrogel, the team mixed nanosponges, which are nanoparticles that absorb dangerous toxins produced by MRSA, E. coli and other...
20.05.2015 | Event News
18.05.2015 | Event News
12.05.2015 | Event News
22.05.2015 | Materials Sciences
22.05.2015 | Information Technology
22.05.2015 | Materials Sciences